Using the past to predict the future: Top 5 threat predictions for 2013

Tim Rains, Director, Microsoft Trustworthy Computing
Dec. 19, 2012

As the holidays approach and 2013 is on the horizon, December is a natural time to reflect on events of the past year and what we have learned from them. Every December I am inevitably asked to extrapolate or predict what the threat landscape might look like next year. I'm not Nostradamus, and I know that we can't use the past to predict the future with absolute accuracy. But I wanted to share my thoughts on the top five trends that I predict we'll see in the coming year based on current observations of the threat landscape.

Before I get to my predictions, it's no secret that privacy and cyber-security will continue to be hot topics in 2013. Several privacy-related topics are garnering interest, such as Differential Privacy and Do Not Track (DNT), among others. To state the obvious, privacy will be a super important topic area in 2013. Governments in many parts of the world are working on ways to best protect critical infrastructures from attacks that could impact the safety and stability of their regions. A colleague of mine, Paul Nicholas, published an article earlier this year called "The Future of Cybersecurity: Understanding How the Next Billion Users Will Change Cyberspace" that provides insights into this topic area. With these more obvious trends stated, let's dig into my top five predictions.

Prediction #1: Criminals will benefit from unintended consequences of espionage

Over the past couple of years there have been news reports on the origin of targeted attacks that use sophisticated malware. Stuxnet is one such example. If these news reports are accurate and governments are developing malware as part of their military/economic espionage programs, it's a safe bet that there have been some unintended consequences that we will continue to see in 2013 and beyond. For example, one of the vulnerabilities that Stuxnet uses is CVE-2010-2568, for which an update was released back in 2010 (MS10-046). Since then many malware authors have adapted their malware to use this vulnerability in an attempt to successfully compromise as many systems as possible. Data published in the Microsoft Security Intelligence Report volume 13 indicates that exploits targeting CVE-2010-2568 accounted for more than 85 percent of operating system exploit detections worldwide in the first half of 2012; over three quarters of a million systems reported detections of this exploit in the second quarter of 2012 alone, almost two years after the associated security updates were released.

Each time the malware and vulnerabilities that highly skilled professionals develop and use are discovered, the barriers to entry for criminals to leverage highly sophisticated techniques in their attacks are lowered. This is likely to amplify the unintended consequences of espionage in the coming years.